Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software

131

132

133

134

135

136

137

138

139

140

12 Managing keys

This chapter describes how to manage EFS keys as follows:

• “Types of keys” (page 131)

• “Key manager key” (page 131)

• “Managing a user key” (page 132)

• “Managing a group key” (page 138)

• “Key manager operations” (page 142)

• “Key file location” (page 144)

Types of keys

EFS includes the following types of keys:

Table 4 EFS keys

DescriptionKey

Allows user to access file content through owner and group key.User

The user passphrase and user access key protect the user key. The user key protects the file encryption

key and group access key.

Allows group access to a file. You must have a key manager key to use this key. The group access key

protects the group key. The group key protects the file encryption key.

Group

This key is optional.

Allows the key manager to reset a user passphrase without having the key owner's old passphrase and

perform group administration.

Key

Manager

This key is optional.

Recovers file encryption key.Recovery

This key is optional.

Retrieves encrypted file content.File

encryption

Each key has its own life cycle, including how it is created, used and deleted.

Key manager key

The use of the key manager key is optional. The key manager key is required for these functions:

• Reset a user's passphrase without having the user's old passphrase

• Manage group keys

NOTE: If the key manager does not have a key, it is still possible for the key manager to reset

another user's passphrase, but that will require the key owner's old passphrase.

To use these features, a key manager key must be explicitly created using the evfspkey keygen

subcommand. The system administrator should not take on the role of key manager. Otherwise,

the system administrator could access the user's encrypted files by having access to the key manager

passphrase. The key manager's passphrase is requested during certain key management commands.

The key manager’s key plays a special role, which is used to protect group keys. Therefore, once

it is created, EFS does not allow a system administrator to delete it. If there are any reasons that

the key manager’s operations should be prohibited, the system administrator can disable the key

manager’s capability by removing its account configuration from the /etc/evfs/evfs.conf

Types of keys 131